Navigate

CCI-001406

CCI-001406 Definition

The organization defines a time period of expected inactivity when users are required to log out.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoD has defined the time period as at the end of the users standard work period unless otherwise defined in formal organizational policy.

Validation Procedures

The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. DoD has defined the time period as at the end of the users standard work period unless otherwise defined in formal organizational policy.

Compelling Evidence

Automatically compliant

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001406.

Control	Description
AC-2 (5)	The organization requires that users log out when [Assignment: organization-defined time-period of expected inactivity or description of when to log out].